graysky

Nope.. doesn't work outside my LAN. RA does work if the user makes a formal invite and emails it to me.... Help anyone this has to be some policy setting.

Think I figured it out! Start up gpedit.msc (windowskey+r then gpedit.msc) Then navigate to: Local Computer Policy\Computer Configuration\Administrative Templates\System\Remote Assistance Open up Offer Remote Assistance and enable it. You'll have to enter the user name of the person you want to be able to get into your system Doing this, I've been able to use this shortcut method behind my LAN. I'll try on a friend's machine later on and report back but I see no reason why it shouldn't work.

Thanks for the info, Chili. They are all started as per your suggestion yet that error message is present I can take control of the target PC if I go through the process of creating an invitation so I know it works. This shortcut method doesn't seem to work though which would make things MUCH easier. Could it be some sort of security policy issue anyone?

I tried this from behind my router (so no need to open 3389 for access from outside my LAN). I have enabled RA on both machines and am not blocking machine to machine ports. I can successfully create the shortcut on machine A and when I type in machine B's IP address I get the following error: Access to the requested resource as been disabled by your administrator. Is there a service I need to have active or something? As I said, the RA check box is checked on both machines as is the "allow this computer to be controlled remotely" check box. Thanks for any help all!

Hi all, before discovering this thread, I have been experimenting with the remote assistance feature in winxp pro. Anyway, when I make an invitation I noticed that my firewall warned me of many attempts to connect to remote severs: c:\windows\pchealth\helpctr\binaries\helpctr.exe 207.46.249.55 69.44.123.142 69.44.123.153 207.46.20.30 207.46.198.60 207.46.199.30 207.46.199.60 207.46.225.60 207.46.249.55 Seems to me that a remote connection between two machines shouldn't have to go through a 3rd party at all. What's up with this behavior?

Thanks for the help up to this point. I suppose I'll keep using VNC. Approaching this from another angle: is there a stand-alone client/server version of the remote desktop feature within XP? Maybe something along the lines of extracting this and turning it into a standalone app somewhat analogous to what BartPE does to the /i386 directory of WinXP?

You're right about that, mmx. Next question would be how to trump that in an offline fashion? Can this be done?

@chilifrei64: Thanks very much -- very cool suggestion. BartPE rocks. One question about this for you though... what utility within the BartPE can I use to load that hive? I didn't see anything in the plugins that referred to a registry editing application. I'm pretty sure regedit won't do that... ideas?

The later. I can do it ad hoc with Tight VNC since that app doesn't require any reg changes/installer but even on a gigabit LAN, VNC is sloooow compared to the built in RDP. Any thoughts?

Now you've peaked my interest. Several questions: 1. When you refer to a Live CD... is that something like knoppix flavor of LINUX or is there a win32 you'd recommend? 2. Have you successfully done this without corrupting the system, and if so can you point me to a good resource? Thanks man!

Topic says it all... is there a way to do it is the question.

Is there a reg key or keys I can use to allow my unattended CD to enable this by default? ---edit: should have searched for 'remote desktop' someone please nuke this thread

Thanks, I'll give it a shot... does it let users know which should be installed? Why does m$ require us to run a service to use windows update? I find that extreme. Seems like all they would need to do is simply publish a list of fixes with download links.

If one installs a hotfix through the GUI, it is clearly visitable through the add/remove area of control panels. Is there a way to verify which of the hotfixes have been installed on unattended setup (using the svcpack.inf method) without using windows update? Thanks all!

Topic says it all. My disc skips right to the "select a partition to install" screen. Thanks!

I goggled a bit for the same info you found here... can you cite a source URL? Thanks!

Nor do I... can you provide some info about your hardware/software setup?

Interesting, I stand corrected. My understanding was that the system XP uses was plain text and insecure. Do you know what encryption protocol is used? It can't be a public/private system. I think security features need to be some how "non-transparent" features so users are aware of them. Yeah, the reference in my post teaches how to setup stunnel, openssl, and VNC to be secure. BTW, if you like the faster m$ remote utils, you can use stunnel to wrap its traffic in ssl if you want. I've never used RA myself, but if you setup your parent's PC with VNC and stunnel both as services, you can get into their box at will without their intervention. Maybe this can be archived with RA, I do not know. Judging by their poor track record, I don't trust m$ to secure my connections. I still like and recommend the stunnel/VNC solution.

True... I thought I saw that in a util somewhere, but that works too

I have since slipstreamed, just been a while since I had to reinstall. Thanks for the info! BTW, I thought there was a util that'll display the date you installed the os? msnfo32 maybe? I can't seem to find it.

Did tha help? Seems like since he'd be hitting keys/moving mouse the screensaver wouldn't kick on... What do you have your "wait" setting set to in the screensaver option? 2 minutes? Are you using a joystick/gamepad and not the keyboard/mouse?

Don't use the native remotes feature in windows -- neither is very secure (no encryption so plain text passwords, no public/private key validation, etc.). You can however, setup and use TightVNC (freeware remote access util) with another freeware util called stunnel and openssl that will secure everything with SSH encryption. Read the guide here. On the down side, the VNC connections are slower than the built in MS ones -- even on high bandwidth pipes. Just another example of how the tight-lipped m$ policy helps squelch open source alternatives (keeping code and programmer hooks secret) when it comes to windows. It's not that bad, but you can notice a speed different (rendering rate mostly) if you compare the two head-to-head. Another reason I like TightVNC is that, you cannot [to my knowledge] easily transfer files to/from the remote and host PCs with the out-of-the-box m$ stuff; TightVNC has a nice little feature that allows this. The other reason I like Tight VNC is that your parents will be able to see what you're doing (mouse movements, menu access, etc.) so you can walk them through problems and they can learn [hopefully] from what you're showing them. My experience with the built-in remote feature is that once you log in, the host PC only displays the logon screen, so people watching the host's monitor cannot see anything. There's probably a setting to change this, but I don't care since the m$ stuff is far too insecure

Just noticed around 502 megs of files in: C:\WINDOWS\ServicePackFiles\i386 Anyone know the purpose of this directory? Can it be removed safely?

Works like a charm now, thanks! BTW, do you know of a resource that will list all the different vars one can use in a batch file (like %1 for example)? Thanks again!

I think I found the problem: when I right click a dir anywhere in a given drive, the batch file tries to run on the root drive -- not the dir I'm rightclicking. In other words, I rightlcik e:\work and select the command from the pop-up. The result is that the batch file runs on e:\ Likewise, if I right-click d:\temp\album and select the command from the pop-up, the result is that the batch file runs on d:\ Took me a while to figure it out but that's the case... is there something wrong with the reg key syntax that wouldn't pass on the full path to the batch file?